Bug With Widely-Deployed Security Tool CrowdStrike Is Crashing Windows, Causing Widespred Outages Across Many Industries

Tom Warren, The Verge:

Thousands of Windows machines are experiencing a Blue Screen of Death (BSOD) issue at boot today, impacting banks, airlines, TV broadcasters, supermarkets, and many more businesses worldwide. A faulty update from cybersecurity provider CrowdStrike is knocking affected PCs and servers offline, forcing them into a recovery boot loop so machines can’t start properly. The issue is not being caused by Microsoft but by third-party CrowdStrike software that’s widely used by many businesses worldwide for managing the security of Windows PCs and servers.

Airlines are down, and hospitals are cancelling elective procedures. Unbelievable, to me, that this is not caused by a bug in Windows but from a third-party tool that I’d never really heard of until today.

The New York Times reports that while the overnight software update from CrowdStrike was automatic and “inescapable” (their word), fixing this might be painstaking and require each affected PC to be fixed manually: rebooting into safe mode, deleting the problematic data file, and then rebooting again to get a clean software update from CrowdStrike. The Times also waited until the 10th paragraph to make this important note:

Apple and Linux machines were not affected by the CrowdStrike software update.

See also: Techmeme’s roundup of coverage, commentary, and jokes.

Friday, 19 July 2024